<?xml version="1.0" encoding="utf-8"?>
<!--
                                                                                     
 h       t     t                ::       /     /                     t             / 
 h       t     t                ::      //    //                     t            // 
 h     ttttt ttttt ppppp sssss         //    //  y   y       sssss ttttt         //  
 hhhh    t     t   p   p s            //    //   y   y       s       t          //   
 h  hh   t     t   ppppp sssss       //    //    yyyyy       sssss   t         //    
 h   h   t     t   p         s  ::   /     /         y  ..       s   t    ..   /     
 h   h   t     t   p     sssss  ::   /     /     yyyyy  ..   sssss   t    ..   /     
                                                                                     
	<https://y.st./>
	Copyright © 2016 Alex Yst <mailto:copyright@y.st>

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see <https://www.gnu.org./licenses/>.
-->
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<base href="https://y.st./en/weblog/2016/12-December/08.xhtml" />
		<title>To live life in an ethical way, with no regrets, and to do my best to better the world, making it a better place by aiding in the fight for freedom, privacy, and security. &lt;https://y.st./en/weblog/2016/12-December/08.xhtml&gt;</title>
		<link rel="icon" type="image/png" href="/link/CC_BY-SA_4.0/y.st./icon.png" />
		<link rel="stylesheet" type="text/css" href="/link/basic.css" />
		<link rel="stylesheet" type="text/css" href="/link/site-specific.css" />
		<script type="text/javascript" src="/script/javascript.js" />
		<meta name="viewport" content="width=device-width" />
	</head>
	<body>
		<header>
			<h1>To live life in an ethical way, with no regrets, and to do my best to better the world, making it a better place by aiding in the fight for freedom, privacy, and security.</h1>
			<p>Day 00642: Thursday, 2016 December 08</p>
		</header>
<img src="/img/CC_BY-SA_4.0/y.st./weblog/2016/12/08.jpg" alt="Icicles and moss" class="weblog-header-image" width="809" height="480" />
<h2 id="advertisements">Unsponsored advertisements</h2>
<p>
	My greeting card for my mother shipped today.
	Apparently, I was the only one to order that design.
	Because of that, <a href="https://singpolyma.net/">Stephen Paul Weber</a> filled the order using a new on-demand printing partner.
	They say that my order was the first that they&apos;ve filled this way, that they&apos;d like to know how it goes, and that they have a new <a href="https://libreware.singpolyma.net/">store</a> full of items that include free art.
	If you&apos;re into free art and you like physical goods, you should check it out!
</p>
<p>
	Additionally, Floraverse is having a 20% off sale at their <a href="https://floraverse.bandcamp.com/">Bandcamp page</a> and their <a href="https://store.floraverse.com/">store</a>.
	Just use the promotional code &quot;jinglebwee&quot;.
</p>
<h2 id="general">General news</h2>
<p>
	I looked into certificates from both <a href="https://letsencrypt.org./">Let&apos;s Encrypt</a> and <a href="https://startssl.com./">StartSSL™</a>, and while Let&apos;s Encrypt seems like a better organization, they make the process needlessly complicated.
	It seems that you have to renew your certificate several times each year because they don&apos;t offer you a certificate with a reasonable lifespan.
	StartSSL™, on the other hand, offers certificates that last for three years.
	Honestly, I was expecting single-year certificates from them, so I&apos;m thrilled to be able to get one that lasts for a full three years instead.
	I don&apos;t know when <a href="https://wowana.me./">wowaname</a> is going to rehash their server configuration, so I can&apos;t schedule around that several times each year.
	I need a certificate that will actually last, so I chose StartSSL™.
	Sorry, Let&apos;s Encrypt.
	I might switch if you fix your system.
</p>
<p>
	For some strange reason, StartSSL™&apos;s terms of service are presented as a <abbr title="Portable Document Format">PDF</abbr> file instead of as a webpage, but on a positive note, the terms are only one page long.
	There&apos;s none of that thirty-page nonsense that seems like their entire goal is to get you to give up on actually reading the terms so that they can hide something in them.
	At least, that&apos;s what I thought until I reached a term stating that one must read a second <abbr title="Portable Document Format">PDF</abbr> file, this one numbering forty-four pages long.
	I don&apos;t have time for that.
	Also though, StartSSL™ forbids use of the certificates that they sign on servers that use a different host name than the one on the certificate.
	In the next three years, I&apos;m probably going to forget about that.
	I&apos;m not sure why I&apos;d need to use the certificates on the wrong server when they&apos;re providing (I think) unlimited certificates, but I guess that someone might do that out of laziness.
	I&apos;ve generated the certificate, gotten it signed, and uploaded it to <a href="https://wowana.me./">wowaname</a>&apos;s server.
	I have no idea when the next rehashing will be, but it might not matter.
	This notice was present in the StartSSL™ control panel:
</p>
<blockquote>
<p>
	Notice:<br/>
1.
	Mozilla and Google decided to distrust all StartCom root certificates as of 21st of October, this situation will have an impact in the upcoming release of Firefox and Chrome in January.
	Apple&apos;s decision announced on Nov 30th of distrusting all StartCom root certificates as of 1st of December will have an impact in their upcoming security update.<br/>
2.
	Any subscribers that paid the validation fee after Oct.
	21st can get full refund by request.<br/>
3.
	StartCom will provide an interim solution soon and will replace all the issued certificates with issuance date on or after Oct 21st in case of requested.
	Meanwhile StartCom is updating all systems and will generate new root CAs as requested by Mozilla to regain the trust in these browsers.
</p>
</blockquote>
<p>
	Until the updated root keys are available, it&apos;s possible that common Web browsers will reject the certificate.
</p>
<p>
	Before StartSSL™ would sign my certificate, they wanted me to verify that I&apos;m the real domain holder, which was a reasonable request.
	They checked my whois record, then offered to validate using an email sent to the email address listed there or to an email sent to one of about three other email addresses based on my domain.
	In theory, two of those email addresses could have been random users of an email service that I provide, if I provided one, and one of them, <code>mailto:postmaster@y.st</code>, should contact the person in charge of the email service hosted at my domain, which might be me or it might be someone that I authorized to manage the email system.
	In other words, if I ran a public email system, someone other than me could potentially &quot;verify&quot; that they are the domain owner.
	Next, StartSSL™ told me to either use their proprietary program to generate a certificate-signing request or to use OpenSSL, free software, to do it.
	They even provided the OpenSSL command to make it easy: <code>openssl req -newkey rsa:2048 -keyout yourname.key -out yourname.csr</code>.
	StartSSL™ allowed the certificate to have up to ten domains, though no wildcards, attached to the certificate.
	At first, I was going to attach some generic subdomains to the certificate just in case I ever needed to use something besides my bare domain, but I opted against doing that.
	If I need to use subdomains, I&apos;ll get another certificate or certificates.
</p>
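<p>
	An added example, not part of the original entry: a Python audit of a mail domain for the mailboxes that a certificate authority may accept for email-based domain validation, which is the risk described above for a public email service.
	The reserved names are the five local parts listed in the CA/Browser Forum Baseline Requirements (this entry names only postmaster); the domain, owners and mailbox list are constructed sample data.
</p>

```python
"""Audit a mail domain for mailboxes a CA may accept for domain validation."""

# Local parts that the CA/Browser Forum Baseline Requirements let a CA
# construct for email-based domain validation.
RESERVED = ("admin", "administrator", "webmaster", "hostmaster", "postmaster")

# Constructed sample data: address mapped to the account that reads it.
SAMPLE_MAILBOXES = {
    "postmaster@example.org": "ops",
    "WebMaster+news@example.org": "customer-4411",
    "alice@example.org": "customer-0007",
    "hostmaster@example.org.": "ops",
    "admin@other.example": "customer-0100",
}


def canonical_local_part(address, domain):
    """Return the lowercased local part with any +tag removed,
    or None when the address does not belong to `domain`."""
    local, sep, host = address.strip().rpartition("@")
    if not sep or host.lower().rstrip(".") != domain.lower().rstrip("."):
        return None
    return local.lower().split("+", 1)[0]


def audit(domain, mailboxes, trusted_owners, open_signup):
    """Return {reserved local part: finding} for one mail domain."""
    held = {}
    for address, owner in mailboxes.items():
        local = canonical_local_part(address, domain)
        if local in RESERVED:
            held.setdefault(local, set()).add(owner)
    findings = {}
    for local in RESERVED:
        owners = held.get(local, set())
        outsiders = sorted(owners - set(trusted_owners))
        if outsiders:
            # Someone other than the domain operator receives validation mail.
            findings[local] = "HELD BY UNTRUSTED: " + ", ".join(outsiders)
        elif not owners and open_signup:
            # Nobody holds it yet, so any new user could register it.
            findings[local] = "UNCLAIMED: block it from self-service signup"
        else:
            findings[local] = "ok"
    return findings


if __name__ == "__main__":
    report = audit("example.org", SAMPLE_MAILBOXES, {"ops"}, open_signup=True)
    for local, finding in report.items():
        print(local + "@example.org: " + finding)
```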
<p>
	As a side note, it seems that StartSSL™ doesn&apos;t allow the use of passwords for logging in.
	Instead, the default authentication method is to have them send you a one-time authentication code via email.
	Every time.
	It&apos;s a bit of a pain, actually.
	Additionally, it seems insecure, as someone could listen in on the wire and catch the unencrypted authentication code.
	Anyone is able to initiate the sending of the code, as no password is needed.
	StartSSL™ does offer a second option though, authentication via client certificate.
	As far as I know though, this doesn&apos;t take away the option to use the emailed authentication code, so while it removes the hassle, it doesn&apos;t remove the security problem.
</p>
<p>
	One of the shift leaders emailed me this morning and asked me to come in for a morning shift, saying that they&apos;d get someone else to cover my shorter evening shift.
	I thought that it was the head manager that emailed me at first because the shift leader used the head manager&apos;s email account, but either way, I would have agreed to the shift change.
	I wasn&apos;t happy about it though, as I had coursework due today, but I guess that I&apos;ve always had high organizational citizenship, something that I&apos;ve been learning about in school.
	I try to help my bosses and coworkers out, even when it&apos;s to my detriment.
	I do have my limits though.
	When the shift leader asked me to cover my initial shift in addition to the new shift (for a total of twelve hours), despite having said that they&apos;d get someone else to cover it, I had to turn them down.
	Normally, I&apos;d have done it, but I was running out of time to complete my assignment and that would have left me with a mere half hour to finish it, assuming that I even got off work on time.
	Due to a misunderstanding though, I ended up getting off work earlier than expected, with my actual shift being only slightly longer than my scheduled shift.
	It worked out.
</p>
<p>
	On my way to and from work, ice was everywhere.
	Many of the larger plants, such as shrubs and trees, were covered in a thin layer of ice.
	Moss had sporadic ice, the ground had a partial covering, and the sidewalk and streets had plenty as well.
	It&apos;s going to be a cold winter.
</p>
<p>
	It seems that the shift leader with the hurt arm had had a pinched nerve.
	The pain happened suddenly and with no obvious cause, but they&apos;re on medication now and doing better.
	The main thing that they&apos;re taking is a muscle relaxant, so the nerve can come loose from the muscle, and the pain has gone away.
</p>
<p>
	One of the shift leaders (not the one with the hurt arm) turned off the ventilation system this morning because they were cold.
	I can&apos;t believe that they would do that! We were breathing toxic fumes for several hours without knowing it because they put their own warmth ahead of the safety of everyone in the store.
	I&apos;ll need to remember to pay attention when working with them in the mornings.
	The fumes from the oven are toxic and can be dangerous.
	As this shift leader has proven themself to be untrustworthy, I&apos;ll have to watch my back, and in the process, watch the backs of the rest of my coworkers.
</p>
<p>
	For most of my short shift, I helped the shift leader with the hurt arm make the dough.
	It&apos;s mindless work, so I allowed my mind to wander for a bit.
	I thought a lot about my course assignment, but I also thought about the story that I&apos;d like to write when I have time.
	Previously, I thought about setting it in the <a href="http://floraverse.com./">Floraverse</a> universe or the <a href="https://peppercarrot.com/en/static3/webcomics">Pepper&amp;Carrot</a> universe, but I ruled these two worlds out due to their magic systems not being exactly what I was looking for.
	Today, I reconsidered.
	Having an established and understood magic system would be useful, even if it wasn&apos;t quite what I wanted.
	An established universe could also aid in both making the setting understood and building a cast.
	Of course, I wouldn&apos;t choose premade characters, but having a set of intelligent species that I could use (in the case of Floraverse) could be useful.
	However, I came to the conclusion that both worlds have fundamental characteristics that, while great for their respective stories, are detrimental to my own.
</p>
<p>
	First, let&apos;s discuss Floraverse.
	The Floraverse world is currently being manipulated by five individuals collectively known (at least unofficially) as &quot;the troupe&quot;.
	These beings appear to exist outside the main story world, and the main story world appears to be at least partially some sort of performance.
	While most of the characters don&apos;t seem to realize that they&apos;re just props in some sort of play or something, the fact is, that&apos;s basically what they are.
	Only the troupe really matters as only the troupe&apos;s really real.
	That said, these living props are somehow just that: living.
	They can be discarded on a whim by the troupe, but while they exist, they have conscious minds of their own.
	If I use Floraverse as a setting for my story, I have two choices.
	I could set my story in the main world, in which case my story isn&apos;t even real according to itself.
	That is to say, my story isn&apos;t just a fictional story, it&apos;s a fictional story set within another fictional story.
	That&apos;s not quite what I&apos;m after.
	The second option is to set my story within the troupe&apos;s world, the real world of Floraverse.
	So what&apos;s the problem with that? Well, we know next to nothing about this place.
	Everything that we know about Floraverse is part of the troupe&apos;s fictional world.
	Even something as fundamental as the magic system is probably just a construct built by the troupe.
	Likely, none of that applies in the troupe&apos;s world.
	In other words, attempting to set a story in the troupe&apos;s real world would be even more difficult than building an entirely new universe to set my story in.
</p>
<p>
	Next, let&apos;s discuss Pepper&amp;Carrot&apos;s world.
	The reason that I don&apos;t want to use that world is actually a lot more simple.
	As far as I can tell, Pepper&amp;Carrot is a much less convoluted story.
	However, this world does have one strange and limiting factor: it&apos;s unmappable.
	Due to the ever-shifting plates of this planet&apos;s crust, no map can ever be drawn of the geography of this world, as it&apos;d quickly become outdated.
	It&apos;s an interesting plot point, but isn&apos;t something that I personally can make use of, and it makes it difficult to figure out the order that events need to happen in to take into account the landscape.
</p>
<p>
	My <a href="/a/canary.txt">canary</a> still sings the tune of freedom and transparency.
</p>
<h2 id="dreams">Dream journal</h2>
<p>
	In my dream last night, my mother was getting impatient with the fact that I haven&apos;t yet found an apartment, which is about the situation in the real world too.
</p>
<h2 id="university">University life</h2>
<p>
	I finished up my journal assignment today, an exercise for developing a personal mission statement and vision statement, with almost three hours to spare:
</p>
<ul>
<li><a href="/en/coursework/BUS1101/#Unit4">BUS 1101: Principles of Business Management</a></li>
</ul>
<p>
	I really need to get better at time management.
	Drats, I was going to put that on my list of goals, but I forgot.
	It&apos;s too late now though, I&apos;ve submitted it.
</p>
<p>
	My program advisor wrote about my &quot;courses&quot; to check on me, saying that they hope that they&apos;re going well and that I&apos;m enjoying them.
	As they service a multitude of students, they&apos;ve forgotten that I was the student that got stuck in a single wrong course instead of two correct courses.
	That doesn&apos;t mean that it&apos;s not going well, only that the plural word &quot;courses&quot; doesn&apos;t apply.
	No worries though.
	They also said that course registrations are coming up and will be open on the eighteenth.
	If there are problems, they said that I should contact them and let them know.
	I will be sure to attempt registration as early as I can and hope for the best.
	If this registration goes like last registration, I will be sure to get in touch with my advisor.
	I responded, explaining the situation, and saying that I think that I&apos;m doing well enough to land a B, but that I don&apos;t have the right kind of mind for this course, then thanked them for checking up on me and for offering help if registration doesn&apos;t go well.
</p>
<p>
	The school wrote to me asking me to pay my tuition for this term.
	At first, I was going to put it off, but I decided not to do that.
	By paying now, I can get that out of the way.
	Additionally, they might want to use the funds for something in the meantime.
</p>
<p>
	With the urgent stuff out of the way, I started my reading assignment for the week.
</p>
<p>
	<strong>*EDIT <a href="https:/en/weblog/2016/12-December/18.xhtml">Day 00652: Sunday, 2016 December 18</a>*:</strong> I&apos;ve moved &quot;learning journal&quot; content to a separate page now, accessible from the <a href="/en/coursework/">coursework</a> section of the website.
</p>
		<hr/>
		<p>
			Copyright © 2016 Alex Yst;
			You may modify and/or redistribute this document under the terms of the <a rel="license" href="/license/gpl-3.0-standalone.xhtml"><abbr title="GNU&apos;s Not Unix">GNU</abbr> <abbr title="General Public License version Three or later">GPLv3+</abbr></a>.
			If for some reason you would prefer to modify and/or distribute this document under other free copyleft terms, please ask me via email.
			My address is in the source comments near the top of this document.
			This license also applies to embedded content such as images.
			For more information on that, see <a href="/en/a/licensing.xhtml">licensing</a>.
		</p>
		<p>
			<abbr title="World Wide Web Consortium">W3C</abbr> standards are important.
			This document conforms to the <a href="https://validator.w3.org./nu/?doc=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2016%2F12-December%2F08.xhtml"><abbr title="Extensible Hypertext Markup Language">XHTML</abbr> 5.1</a> specification and uses style sheets that conform to the <a href="http://jigsaw.w3.org./css-validator/validator?uri=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2016%2F12-December%2F08.xhtml"><abbr title="Cascading Style Sheets">CSS</abbr>3</a> specification.
		</p>
	</body>
</html>

